HealthStream HIPAA- Questions &
Answers
Question 1: Which statement is true of an organization that sends and/or receives PHI
electronically?
a. The organization is a covered entity under HIPAA
b. The organization is exempt from HIPAA requirements
c. The organization may choose whether or not to follow HIPAA
d. The organization is required to follow only the HIPAA privacy rule Correct Ans-Your
Answer
The organization is a covered entity under HIPAA.
Feedback
An organization must follow HIPAA if the organization's business activities involve sending
and/or receiving PHI electronically.
Question 2: Which of the following is an administrative safeguard for PHI?
a. Removing electronic PHI from media before media reuse
b. Ensuring that PHI sent electronically is not changed improperly
c. Controlling physical access to workstations with access to electronic PHI
d. Authorizing and/or supervising employees who work with electronic PHI Correct Ans-
Your Answer
Authorizing and/or supervising employees who work with electronic PHI
, Feedback
An administrative safeguard for PHI, required under HIPAA, is authorization and/or supervision
of employees with access to PHI.
Question 3: The HIPAA security rule establishes national standards for protecting the
confidentiality of electronic PHI.
a. True
b. False Correct Ans-Your Answer
True
Feedback
The HIPAA security rule establishes standards for protecting the confidentiality of electronic PHI
and the integrity and availability of this information.
Question 1: The PHI of 600 patients in Tennessee was breached. Whom should be notified?
a. HHS secretary
b. Patients involved
c. Media
d. All of the above Correct Ans-Your Answer
All of the above
Feedback
All of these need to be notified.
Answers
Question 1: Which statement is true of an organization that sends and/or receives PHI
electronically?
a. The organization is a covered entity under HIPAA
b. The organization is exempt from HIPAA requirements
c. The organization may choose whether or not to follow HIPAA
d. The organization is required to follow only the HIPAA privacy rule Correct Ans-Your
Answer
The organization is a covered entity under HIPAA.
Feedback
An organization must follow HIPAA if the organization's business activities involve sending
and/or receiving PHI electronically.
Question 2: Which of the following is an administrative safeguard for PHI?
a. Removing electronic PHI from media before media reuse
b. Ensuring that PHI sent electronically is not changed improperly
c. Controlling physical access to workstations with access to electronic PHI
d. Authorizing and/or supervising employees who work with electronic PHI Correct Ans-
Your Answer
Authorizing and/or supervising employees who work with electronic PHI
, Feedback
An administrative safeguard for PHI, required under HIPAA, is authorization and/or supervision
of employees with access to PHI.
Question 3: The HIPAA security rule establishes national standards for protecting the
confidentiality of electronic PHI.
a. True
b. False Correct Ans-Your Answer
True
Feedback
The HIPAA security rule establishes standards for protecting the confidentiality of electronic PHI
and the integrity and availability of this information.
Question 1: The PHI of 600 patients in Tennessee was breached. Whom should be notified?
a. HHS secretary
b. Patients involved
c. Media
d. All of the above Correct Ans-Your Answer
All of the above
Feedback
All of these need to be notified.
